tl;dr: Linux noob wants to dual boot Linux. Disabled secure boot and bitlocker on windows in order to boot from USB. Now wants to re-enable secure boot, while still being able to boot into Linux. Possible/impossible with any distro?
I’m a complete Linux noob, and been primarily a windows user since forever. The only Linux experience that I have is a repurposed old (2008-ish) mac mini where I put on Ubuntu to serve as a media center in my living room, and I have used WSL to run some Docker containers (without installing a specific distro).
However, as a developer and ict-teacher, I thought it was about time that I started using Linux. So I got the idea to dual boot my new laptop (asus flow-x13 / Win10), and try to use Linux as my main system for all my work-related stuff.
While reading up on different distros and DEs, I often got the suggestion to create a bootable USB drive using something like Rufus, try it out, and proceed to install if I like it. I also created a partition on my laptop drive to install Linux onto.
Here is how that went: (too detailed? can be useful for other noobs such as myself?)
The first distro I wanted to try is Manjaro/Gnome or Manjaro/KDE. So I downloaded the minimal ISO file for Manjaro/Gnome, put in a 4GB usb stick and ran Rufus. This created a bootable USB.
I then went to my laptops uefi, changed the boot order, put in the usb stick and rebooted. This gave me the following error:
Secure boot violation
Invalid signature detected. Check secure boot policy in setup
<ok>
Alright, easy enough, I’ll disable secure boot. Into uefi > advanced > security > secure boot > disable.
Now I get a Bitlocker-recovery recovery screen. Looked it up, apparently I should disable bitlocker first, then disable secure boot, then I should be able to boot from usb.
So I restored my uefi settings, restarted and then
- disabled device encryption in Win10
- restarted into the uefi
- disabled secure boot from the uefi > advanced
- changed the boot order back to the usb stick
- saved uefi settings and restarted
And now… hooray! I booted into the Manjaro USB stick! After this I installed Manjaro to the partition, restarted, and then it got stuck on the following message:
failed to start load/save backlight brightness of backlight:acpi_video0.
After a lot of Googling around (btw, I don’t know how I would have managed without a second system at hand), I tried the following:
- ctrl+alt+f3 to get into terminal
- used command
sudo nano /etc/default/grub
to edit the grub file - added the line
systemd.restore_state=0
at the end of the file - reboot
Now it boots into manjaro, I get to choose between partitions on startup, everything seems to be working fine.
Not a great installation experience, but I do recognize that some of these troubles were probably a MS-created issue.
Problem is that I want to upgrade to Win11, as this is the system all my colleagues and students will be using. But that requires secure boot to be enabled.
Long story short: can I enable secure boot again? I’ve read a lot of conflicting messages that Manjaro may or may not work with secure boot enabled.
And if Manjaro doesn’t work with secure boot, are there any other distros that will work with secure boot enabled?